Security News > 2024 > May > macOS version of elusive 'LightSpy' spyware tool discovered
A macOS version of the LightSpy surveillance framework has been discovered, confirming the extensive reach of a tool only previously known for targeting Android and iOS devices.
LightSpy is a modular iOS and Android surveillance framework used to steal a wide variety of data from people's mobile devices, including files, screenshots, location data, voice recordings during WeChat calls, and payment information from WeChat Pay, and data exfiltration from Telegram and QQ Messenger.
The researchers infiltrated LightSpy's control panel by exploiting a misconfiguration that allowed unauthorized access to the authenticated interface, gaining insights into the functionality, infrastructure, and infected devices.
LightSpy core can also execute shell commands on the device, update its network configuration, and set an activity timetable to evade detection.
The LightSpy framework extends its spying functionality using various plugins that perform specific actions on the compromised device.
These plugins enable LightSpy to perform comprehensive data exfiltration from infected macOS systems, while its modular design gives it operational flexibility.